Remote Information Disclosure in SAP DB by SAP
CVE-2003-0943

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Db
Vendor: CVE Published:; 15 December 2003

What is CVE-2003-0943?

The web-tools component in SAP DB versions prior to 7.4.03.30 has multiple services enabled by default, such as waecho, Web SQL Interface (websql), and Web Database Manager (webdbm). These vulnerabilities may allow remote attackers to gain unauthorized access to sensitive information or conduct attacks by redirecting traffic against internal databases. Proper configuration and security measures are essential to mitigate risks associated with these services.

References

http://www.atstake.com/research/advisories/2003/a111703-2...

vendor-advisoryx_refsource_ATSTAKE

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 15, 2003